CVE-2011-1167

Published: 28 March 2011

Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.

Priority

Medium

Status

Package Release Status
tiff
Launchpad, Ubuntu, Debian 		Upstream Needs triage

Patches:
Upstream: http://bugzilla.maptools.org/show_bug.cgi?id=2300

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading